Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v3 - dependabot #618

Merged
merged 1 commit into from
Sep 12, 2024
Merged

v3 - dependabot #618

merged 1 commit into from
Sep 12, 2024

Conversation

mathiazom
Copy link
Contributor

@mathiazom mathiazom commented Sep 11, 2024
edited
Loading

Adds a dependabot.yml configuration file to receive automatic dependency update PRs from dependabot. This makes it easier to make dependency updates a natural part of the development workflow within a team.

The config file must be merged into the default branch (aka main) to take effect. However, this should not affect main in any other way, since Dependabot is configured to only target the v3 branch.

Visual Overview (Image/Video)

Example from a fork of the v3 branch with the proposed dependabot configuration (with the default limit of 5 PRs)

image

Checklist

Please ensure that you’ve completed the following checkpoints before submitting your pull request:

  • Documentation: Relevant documentation has been added or updated (if applicable).
  • Testing: Have you tested your changes thoroughly?

@vercel Vercel
Copy link

vercel bot commented Sep 11, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
variant-no ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 11, 2024 2:25pm
variant-se-2 ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 11, 2024 2:25pm

@anemne
Copy link
Contributor

anemne commented Sep 12, 2024

You need to change the branch you want to merge to, other than that it looks good.

@christinaroise
Copy link
Contributor

will this also cover dependency conflicts?

@mathiazom
Copy link
Contributor Author

will this also cover dependency conflicts?

Not sure. In general we are responsible for verifying that an update does not break something, so this should be a part of that.

@mathiazom mathiazom merged commit 5a73832 into v3 Sep 12, 2024
7 checks passed
@mathiazom mathiazom deleted the deps/v3-dependabot branch September 12, 2024 10:34
@mathiazom mathiazom mentioned this pull request Sep 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anemne anemne anemne approved these changes

@christinaroise christinaroise christinaroise approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mathiazom @anemne @christinaroise